By coming the powerful languages and new techniques for the web applications such as .Net, J2EE, PHP libraries, AJAX, and so on, we can have more powerful web applications.
So, we must be happy because of these new technologies!
But, hackers are also happy! Because by using these technologies, they can also design their tools easier, and disperse it all around the world, and control it from anywhere that they want. But, HOW?
There are so many free web hosting in the Internet which do not need your correct information for registration. So, hackers can register a lot of accounts on them and setup their tools without concerning about compromising their identifications.
Some of the hackers’ tools are:
Loggers -> which log victims’ information (by using some key loggers on the clients or XSS attacks).
Request Senders -> which send anonymous dangerous requests to the victims who can be a client or a server.
Database Managers -> which manage databases such as MSSQL, MySQL, Oracle, and so on remotely.
Remote Desktop Managers -> which connect to the computers by backshell or by a RDP. (I haven’t seen the graphical version yet!)
Mail Senders -> which send malicious emails to the clients.
FTP Managers -> which connect to a FTP with full modifying options.
Exploit Executers -> which execute malicious codes on the clients and the visitors to gain control of their computers.
I think anonymization with HTTP protocol is easier than the others when you are using TOR or some anonymous VPNs.
So, I think:
1- The free web hosting must have some process to identify their users correctly!
2- Browsers must have some features to make free web hosting websites in max of security protection, and also, they must show some security warning about these websites.
3- Firewalls and Antivirus must have some protection against these free websites.
Do you have any idea?
Found you at milw0rm. Good to see you produce articles on security; continue!
Listen to this advice from a friend: Learn more about Unix-like systems, specially Linux and FreeBSD. These are the most popular server OSes on the net.